postresfaioficial.store Open in urlscan Pro
2a02:4780:1:8::3a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://postresfaioficial.store/
Submission: On May 04 via automatic, source certstream-suspicious (May 4th 2021, 9:54:24 pm UTC)

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 14 domains to perform 69 HTTP transactions. The main IP is 2a02:4780:1:8::3a, located in United States and belongs to AS-HOSTINGER, CY. The main domain is postresfaioficial.store.
TLS certificate: Issued by R3 on May 4th 2021. Valid for: 3 months.

This is the only time postresfaioficial.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a02:4780:1:8... 2a02:4780:1:8::3a	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:3a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f21... 2a03:2880:f211:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:12::a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:67::a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
69	22

2 2a02:4780:1:8::3a (United States)

ASN47583 (AS-HOSTINGER, CY)

postresfaioficial.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:3a9 (United States)

ASN13335 (CLOUDFLARENET, US)

userapp.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f211:c4:face:b00c:0:43fe (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

scontent-atl3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video-atl3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b4f (United States)

ASN13335 (CLOUDFLARENET, US)

backend.zyro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:12::a (Ireland)

ASN15169 (GOOGLE, US)

r5---sn-5goeen7y.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:67::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5ednly.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frt3-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video-frt3-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video-frt3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	youtube.com www.youtube.com	759 KB
16	cdninstagram.com scontent-atl3-1.cdninstagram.com video-atl3-1.cdninstagram.com scontent-frx5-1.cdninstagram.com scontent-frt3-1.cdninstagram.com scontent-frt3-2.cdninstagram.com video-frt3-2.cdninstagram.com video-frt3-1.cdninstagram.com	646 KB
12	googlevideo.com r5---sn-5goeen7y.googlevideo.com r5---sn-4g5ednly.googlevideo.com	2 MB
4	gstatic.com fonts.gstatic.com www.gstatic.com	81 KB
4	zyrosite.com userapp.zyrosite.com assets.zyrosite.com	189 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	399 B
2	ggpht.com yt3.ggpht.com	6 KB
2	unsplash.com images.unsplash.com	5 MB
2	postresfaioficial.store postresfaioficial.store	26 KB
1	instagram.com graph.instagram.com	3 KB
1	google.com www.google.com	13 KB
1	zyro.com backend.zyro.com	635 B
1	ytimg.com i.ytimg.com	13 KB
1	googleapis.com fonts.googleapis.com	769 B
69	14

	Domain	Requested by
20	www.youtube.com	userapp.zyrosite.com www.youtube.com
10	r5---sn-4g5ednly.googlevideo.com	www.youtube.com
6	scontent-atl3-1.cdninstagram.com	postresfaioficial.store
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	scontent-frt3-2.cdninstagram.com
2	scontent-frt3-1.cdninstagram.com
2	scontent-frx5-1.cdninstagram.com
2	r5---sn-5goeen7y.googlevideo.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	video-atl3-1.cdninstagram.com	postresfaioficial.store
2	images.unsplash.com	postresfaioficial.store
2	assets.zyrosite.com	postresfaioficial.store
2	userapp.zyrosite.com	postresfaioficial.store
2	postresfaioficial.store	postresfaioficial.store
1	video-frt3-1.cdninstagram.com
1	video-frt3-2.cdninstagram.com
1	graph.instagram.com	userapp.zyrosite.com
1	www.gstatic.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	backend.zyro.com	userapp.zyrosite.com
1	i.ytimg.com	postresfaioficial.store
1	fonts.googleapis.com	postresfaioficial.store
69	24

This site contains no links.

Subject Issuer	Validity	Valid
postresfaioficial.store R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.zyrosite.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-11` - `2021-07-11`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-03-21` - `2021-06-19`	3 months	crt.sh
imgix2.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-14` - `2021-07-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-04-20` - `2021-06-29`	2 months	crt.sh
*.graph.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-03-21` - `2021-06-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://postresfaioficial.store/
Frame ID: 0F8654043F3C88DC89C8C6492F64D47C
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
Frame ID: D7F97CACD4251636075B0A6471EA0D80
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

69
Requests

100 %
HTTPS

100 %
IPv6

14
Domains

24
Subdomains

22
IPs

3
Countries

8378 kB
Transfer

11226 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
postresfaioficial.store/ 129 KB
26 KB 830ms
191ms Document
text/html 2a02:4780:1:8::3a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://postresfaioficial.store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:1:8::3a , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

3972c109a691e2e976f3600d0387431a9ee50434ab98e990024fe474163e3c89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com editor.zyro.com www-staging.zyro.space builder-staging.zyro.space
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: postresfaioficial.store
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: openresty
date: Tue, 04 May 2021 21:53:59 GMT
content-type: text/html
last-modified: Sun, 02 May 2021 23:36:54 GMT
etag: W/"d3ff9c4887b1f7dfc05b5156a940e9d1"
cache-control: max-age=0, must-revalidate
content-security-policy: frame-ancestors zyro.com editor.zyro.com www-staging.zyro.space builder-staging.zyro.space
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-content-type-options: nosniff
x-powered-by: Zyro.com
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 4 KB
769 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rozha+One:400|Raleway:400,600&display=swap

Requested by

Host: postresfaioficial.store
URL: https://postresfaioficial.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

255d06c716c97039b129f2494758c249882718676cca0756525271357e4e36f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 21:53:59 GMT
server: ESF
date: Tue, 04 May 2021 21:53:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 21:53:59 GMT

GET
H2 200 chunk-vendors.6ed82305.js Show response
userapp.zyrosite.com/v134/js/ 325 KB
98 KB 68ms
35ms Script
application/javascript 2606:4700::6812:3a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userapp.zyrosite.com/v134/js/chunk-vendors.6ed82305.js

Requested by

Host: postresfaioficial.store
URL: https://postresfaioficial.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a738843f5f5ac5f0311a7553f44c901d5ed63e87baf2b689ec480366758fecb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com builder.zyro.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 401543
cf-ray: 64a4f70af8154e13-FRA
vary: Accept-Encoding
cf-request-id: 09daf8bada00004e13949e5000000001
last-modified: Fri, 30 Apr 2021 05:52:19 GMT
server: cloudflare
etag: W/"98d44b9a80405626d1b044c74c1f1ea5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-amz-version-id: mzg5S7v4JT1on6NqKkiOf1_ocPSYGfuG
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors zyro.com builder.zyro.com
content-type: application/javascript
expires: Wed, 04 May 2022 21:53:59 GMT

GET
H2 200 index.00a0e774.js Show response
userapp.zyrosite.com/v134/js/ 131 KB
35 KB 57ms
24ms Script
application/javascript 2606:4700::6812:3a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userapp.zyrosite.com/v134/js/index.00a0e774.js

Requested by

Host: postresfaioficial.store
URL: https://postresfaioficial.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87fb809abaae4bc0faaabc72aba2147150afcdd31f86eee8dc2b3a05fb77e2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com builder.zyro.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 401543
cf-ray: 64a4f70af8174e13-FRA
vary: Accept-Encoding
cf-request-id: 09daf8bada00004e13ea868000000001
last-modified: Fri, 30 Apr 2021 05:52:19 GMT
server: cloudflare
etag: W/"b5eb08b126241a0b12c2c56a223d8711"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-amz-version-id: QSUGVvUKIbnmCCVov7P0s2ecbQQwTdZm
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors zyro.com builder.zyro.com
content-type: application/javascript
expires: Wed, 04 May 2022 21:53:59 GMT

GET
H2 404 a2ff1ftsK3yTu21p1BeEN2BZsnA.js
postresfaioficial.store/cdn-cgi/apps/head/ 0
0 194ms
194ms Script
text/html 2a02:4780:1:8::3a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://postresfaioficial.store/cdn-cgi/apps/head/a2ff1ftsK3yTu21p1BeEN2BZsnA.js
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:1:8::3a , United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

:path: /cdn-cgi/apps/head/a2ff1ftsK3yTu21p1BeEN2BZsnA.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postresfaioficial.store
referer: https://postresfaioficial.store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:53:59 GMT
content-encoding: gzip
server: openresty
etag: W/"5eb3faa8-1546d"
content-type: text/html

GET
H2 200 WhatsApp-Image-at-AM-YbN3MBkk4aslZWOv.jpeg
assets.zyrosite.com/mnlNyWblQBfOG4D1/ 30 KB
30 KB 991ms
975ms Image
image/jpeg 2606:4700::6812:3a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/mnlNyWblQBfOG4D1/WhatsApp-Image-at-AM-YbN3MBkk4aslZWOv.jpeg

Requested by

Host: postresfaioficial.store
URL: https://postresfaioficial.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58b90e67d59a9b8819f599eb5c03c92a1fe8148ee228267c60b262f2498ae367

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com editor.zyro.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:00 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 30562
cf-request-id: 09daf8bb3400004e13d415b000000001
last-modified: Tue, 27 Apr 2021 20:20:10 GMT
server: cloudflare
etag: "f59462efd477efc8eab69653c2835ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors zyro.com editor.zyro.com
accept-ranges: bytes
cf-ray: 64a4f70b88eb4e13-FRA
expires: Wed, 04 May 2022 21:54:00 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/AuWz3Cw2j6o/ 13 KB
13 KB 46ms
46ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/AuWz3Cw2j6o/hqdefault.webp

Requested by

Host: postresfaioficial.store
URL: https://postresfaioficial.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131a852073fb606d58131e75e533f08b04a33d7dfd60f8573e21c335c00007e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:53:59 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13110
x-xss-protection: 0
expires: Tue, 04 May 2021 23:53:59 GMT

GET
H2 200 WhatsApp-Image-at-PM-YD0OyzaJXbHzn45Y.jpeg
assets.zyrosite.com/cdn-cgi/image/format=auto,w=496,h=368,fit=crop/mnlNyWblQBfOG4D1/ 25 KB
25 KB 1101ms
1099ms Image
image/webp 2606:4700::6812:3a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=496,h=368,fit=crop/mnlNyWblQBfOG4D1/WhatsApp-Image-at-PM-YD0OyzaJXbHzn45Y.jpeg

Requested by

Host: postresfaioficial.store
URL: https://postresfaioficial.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7d5840ea4926cc7d41d27e195021fd1938be4b33ea8837902abb571676b1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:00 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 25390
cf-request-id: 09daf8bb8100004e13d6919000000001
last-modified: Fri, 30 Apr 2021 22:49:51 GMT
server: cloudflare
etag: "cf2iauWELXcspIcDp9ITo6sA:aa4bdad983fd7cfccdb65a6ebc85b6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/webp
cache-control: public, max-age=31536000
cf-resized: internal=ok/m q=0 n=1019 c=35 v=2021.4.5
accept-ranges: bytes
cf-ray: 64a4f70c09c14e13-FRA
expires: Wed, 04 May 2022 21:54:00 GMT

GET
H2 200 178109716_795451781392812_5500241325733709223_n.jpg
scontent-atl3-1.cdninstagram.com/v/t51.29350-15/ 37 KB
37 KB 557ms
334ms Image
image/jpeg 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.cdninstagram.com/v/t51.29350-15/178109716_795451781392812_5500241325733709223_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=wijtq3mNfjkAX8X8xWW&_nc_ht=scontent-atl3-1.cdninstagram.com&oh=e3fda8cf6462cb9d8d79f3928c72fe99&oe=60B44F50
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1c4c9e363a16c42a1fbc92c574d6307a74c6dbcd9a1415748fa8c27efe76a90d

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3459453836
date: Tue, 04 May 2021 21:54:00 GMT
x-fb-trip-id: 1082456386
last-modified: Tue, 27 Apr 2021 23:23:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: gQIq-AtR-UZwo3eWZSNivzZEWOcFLNnmXZD_puyXBd7jVTynoOsmWFxfDCk_mOmigDrFpcp-WXsUEhF3DeQcgw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 489573964
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 37862

GET
H2 200 178636045_164210258942949_6268951157058072833_n.jpg
scontent-atl3-1.cdninstagram.com/v/t51.29350-15/ 67 KB
67 KB 557ms
334ms Image
image/jpeg 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.cdninstagram.com/v/t51.29350-15/178636045_164210258942949_6268951157058072833_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=uOR90PQgzFcAX9NPBeO&_nc_ht=scontent-atl3-1.cdninstagram.com&oh=fd628d5e574d73b65dabaf322f544ecf&oe=60B30163
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b0a3f556cd3e68018abeff7a3cbc029505ebb7efe37f54b8d967d0b9377ee8d7

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 842788876
date: Tue, 04 May 2021 21:54:00 GMT
x-fb-trip-id: 1082456386
last-modified: Tue, 27 Apr 2021 23:19:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: ede5-H0lnY7PHp2X1DjjAV-uF9KEz95A6ZtTy1zuJwIOz9Ye8ZKFmH8v9kE1DBgQ77j0qQDoCXcEF8KcXjDdUQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4250453923
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68833

GET
H2 200 179011887_365237131534222_2043355444479295177_n.jpg
scontent-atl3-1.cdninstagram.com/v/t51.29350-15/ 56 KB
56 KB 450ms
228ms Image
image/jpeg 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.cdninstagram.com/v/t51.29350-15/179011887_365237131534222_2043355444479295177_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=KIPlYbgP7cMAX8vLsBB&_nc_oc=AQkDugM4WEzAVzHsXFwHilOM3jKkGP5imSaSHEhuNagzK6qzkVudd8cYG1BkwlYQRZc&_nc_ht=scontent-atl3-1.cdninstagram.com&oh=70e0d6d0d4e114cbebe510f8ae0916d7&oe=60B394B4
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 296e5850cd3c8bed1a043182caab3b6699dba6d4f68015a78ac0342f4b897a8a

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2260979945
date: Tue, 04 May 2021 21:53:59 GMT
x-fb-trip-id: 1082456386
last-modified: Tue, 27 Apr 2021 22:15:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: HnSCAZQSYrJUvEsvs3mqELHXZkDMOhzIePLpRqFDsvluytuAgPNNjS_eUNQ-vFlubNDJs4vTvbjoGrklvE8PHg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1704581561
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 56941

GET
H2 200 161335260_233540845161538_7607169456651612320_n.jpg
scontent-atl3-1.cdninstagram.com/v/t51.29350-15/ 45 KB
46 KB 556ms
334ms Image
image/jpeg 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.cdninstagram.com/v/t51.29350-15/161335260_233540845161538_7607169456651612320_n.jpg?_nc_cat=103&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=Q6Jj-KCQBssAX-S77hT&_nc_ht=scontent-atl3-1.cdninstagram.com&oh=1c49858aec796c02a02227ba6066bc72&oe=60B5D62D
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f78fc8edd47cc6869cc0a1e15aad92f5ef258bd406310d82065e5278fea2d175

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 641772692
date: Tue, 04 May 2021 21:54:00 GMT
x-fb-trip-id: 1082456386
last-modified: Tue, 16 Mar 2021 00:33:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: ORwZxsrraPhPS9tCtm-RHRWtxtd6WjZ9Le83e1W_YEu5x2vo6xi9rLNFMSJM1WYDyWlFnEQlmY8iYp5rVJuRTA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1073548586
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 46568

GET
H2 200 160600523_734126777106533_6233512229743436426_n.jpg
scontent-atl3-1.cdninstagram.com/v/t51.29350-15/ 45 KB
46 KB 616ms
394ms Image
image/jpeg 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.cdninstagram.com/v/t51.29350-15/160600523_734126777106533_6233512229743436426_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=oAP8KTTbflgAX9omlVf&_nc_ht=scontent-atl3-1.cdninstagram.com&oh=39edbfbcf025527ddbc818950bb6b844&oe=60B69B85
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 18ff67dc210b35cc0ee6adb92fd350f8ddd8005a6782ce3dc2e747cd13c3d0df

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2946984028
date: Tue, 04 May 2021 21:54:00 GMT
x-fb-trip-id: 1082456386
last-modified: Sun, 14 Mar 2021 21:24:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: WUOXBd-0lrroDFhZZI_QRM0GZvV5mMhxv-bpiTiaszoqkkuqbc0FA4cO3HESLHZfskwXY1_1keN745t9yxCMFQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 232656882
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 46590

GET
H2 200 159993021_362907134806241_2818838922772568609_n.jpg
scontent-atl3-1.cdninstagram.com/v/t51.29350-15/ 71 KB
71 KB 334ms
112ms Image
image/jpeg 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.cdninstagram.com/v/t51.29350-15/159993021_362907134806241_2818838922772568609_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=1rg6IDA9eNQAX8rG_Ir&_nc_ht=scontent-atl3-1.cdninstagram.com&oh=8b10f0ba62e5adb41d1e5e921a0bbdf9&oe=60B53A6E
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 17083cf8e73dd7c2235d92167d87d578fd92fa6987abc77c37fbde38aebeed5c

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 360657980
date: Tue, 04 May 2021 21:53:59 GMT
x-fb-trip-id: 1082456386
last-modified: Sun, 14 Mar 2021 21:20:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1671495836
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 72496

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e1d86973a2868392fe31688df0674757eecd7db9ea1b18e3242eb3cad985b05

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 289fd95e4480001061f4f0784e0d3a365b7629b33a58264900ee7dcd0afabefb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 photo-1618485476408-4aca780ba55c
images.unsplash.com/ 5 MB
5 MB 8543ms
8527ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1618485476408-4aca780ba55c?ixid=Mnw3MjU4M3wwfDF8cmFuZG9tfHx8fHx8fHx8MTYxOTgyMzg4NQ&ixlib=rb-1.2.1&w=1366&q=70&auto=format?auto=format&w=5040&fit=crop

Requested by

Host: postresfaioficial.store
URL: https://postresfaioficial.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

771f7c9639df64941adf1051a1b892a25ae38963d141bcb354a2d2407e689df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:54:07 GMT
server: imgix
age: 1
vary: Accept, User-Agent
x-cache: MISS, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 248d0e3321c70a8516d64ecf47524e039b66b237
accept-ranges: bytes
content-length: 4880223
x-served-by: cache-sjc10073-SJC, cache-hhn4033-HHN

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:400|Raleway:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postresfaioficial.store
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:38:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 472537
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Fri, 29 Apr 2022 10:38:22 GMT

GET
H2 200 AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v8/ 18 KB
18 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rozhaone/v8/AlZy_zVFtYP12Zncg2kRcn35.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:400|Raleway:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc41fe9a424bdb4f001e588c5993b7d760b104333c9fa2adfe3f5e641f3d20fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postresfaioficial.store
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:55:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:47:56 GMT
server: sffe
age: 82700
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18172
x-xss-protection: 0
expires: Tue, 03 May 2022 22:55:39 GMT

GET
H2 206 176028638_4139940412712506_675178571731522319_n.mp4
video-atl3-1.cdninstagram.com/v/t50.2886-16/ 129 KB
0 582ms
346ms Media
video/mp4 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-atl3-1.cdninstagram.com/v/t50.2886-16/176028638_4139940412712506_675178571731522319_n.mp4?_nc_cat=110&vs=17989365382350394_374220009&_nc_vs=HBksFQAYJEdONzdmUW82NXJEOVFMVU9BQTlUQTNCVnQxNEpia1lMQUFBRhUAAsgBABUAGCRHRUNGWFFvVTM4ZjYwWVFLQU1pSjB0TzNzd05fYmtZTEFBQUYVAgLIAQAoABgAGwGIB3VzZV9vaWwBMRUAACb0%2BrjB7M70PxUCKAJDMywXQDndsi0OVgQYEmRhc2hfYmFzZWxpbmVfMV92MREAdeoHAA%3D%3D&ccb=1-3&_nc_sid=59939d&efg=eyJ2ZW5jb2RlX3RhZyI6InZ0c192b2RfdXJsZ2VuLjcyMC5mZWVkIn0%3D&_nc_ohc=re7sPFkkhDcAX-E5vKu&_nc_ht=video-atl3-1.cdninstagram.com&oh=440f65e60911298ab30edd16e08aa06e&oe=60B3A77F&_nc_rid=9f46936540
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://postresfaioficial.store/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 21:54:00 GMT
x-fb-trip-id: 1082456386
accept-ranges: bytes
content-type: video/mp4
access-control-allow-origin: *
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: -x5GkKylyJYeMvMVIKUiHhQNvpKC3RGps46vhpyeizqTvEnavVFMqfpsKSOFenFZmin_4b2ZjFS4sX6ndC8odA
Content-Range: bytes 0-1219853/1219854
x-fb-config-version-olb-prod: 1091
x-fb-vts-requestid: 56352d2aeb
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 1219854

GET
H2 206 176935090_1760331217480985_4531711404042249067_n.mp4
video-atl3-1.cdninstagram.com/v/t50.2886-16/ 128 KB
0 350ms
114ms Media
video/mp4 2a03:2880:f211:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-atl3-1.cdninstagram.com/v/t50.2886-16/176935090_1760331217480985_4531711404042249067_n.mp4?_nc_cat=109&vs=17857546094507875_1401299972&_nc_vs=HBksFQAYJEdMTFFpd29acmVjTUEwRUdBR3RqaGc2RDNfTV9ia1lMQUFBRhUAAsgBABUAGCRHRFEzZ2dwd1BPR0R2cU1CQUJ0M2RUTWRFTzgzYmtZTEFBQUYVAgLIAQAoABgAGwGIB3VzZV9vaWwBMRUAACbGhO7V7NW4PxUCKAJDMywXQEQu2RaHKwIYEmRhc2hfYmFzZWxpbmVfMV92MREAdeoHAA%3D%3D&ccb=1-3&_nc_sid=59939d&efg=eyJ2ZW5jb2RlX3RhZyI6InZ0c192b2RfdXJsZ2VuLjcyMC5mZWVkIn0%3D&_nc_ohc=XXAn3b61MZ8AX_tZ8rh&_nc_ht=video-atl3-1.cdninstagram.com&oh=9340f6885e609da31a3db6d722327f7e&oe=60B6549B&_nc_rid=22a224baec
Requested by: Host: postresfaioficial.store
URL: https://postresfaioficial.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f211:c4:face:b00c:0:43fe Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://postresfaioficial.store/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 21:54:00 GMT
x-fb-trip-id: 1082456386
accept-ranges: bytes
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-785921/785922
x-fb-config-version-olb-prod: 1091
x-fb-vts-requestid: 22a224baec
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 785922

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 EJfCT8ae0f8g6LpoIUEA6 Show response
backend.zyro.com/u1/instagram/token/ 161 B
635 B 746ms
704ms XHR
application/json 2606:4700:10::ac43:b4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.zyro.com/u1/instagram/token/EJfCT8ae0f8g6LpoIUEA6

Requested by

Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/v134/js/chunk-vendors.6ed82305.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b4f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c18479507501fb2e5560c3466722d0f1f82097eccd08b765283ac68bb55936

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"a1-ESWW6A6O2DuaNxmYO20/Iaj15fw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 64a4f742ae232be9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daf8ddad00002be96a3d6000000001
x-request-id: A0xk4K98VjT55Pzn

GET
H2 200 AuWz3Cw2j6o Show response
www.youtube.com/embed/ Frame D7F9 51 KB
21 KB 163ms
163ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Requested by

Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/v134/js/chunk-vendors.6ed82305.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

425fb1326ed7b0efd5c9e3d08757496b5e630a99c230a0d0b19c2dbb1cbbbcff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postresfaioficial.store/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postresfaioficial.store/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 May 2021 21:54:08 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1ucwqV0A-tc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=qI8wWjzoOVk; Domain=.youtube.com; Expires=Sun, 31-Oct-2021 21:54:08 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+347; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 photo-1499635842761-4f1f28fafcff
images.unsplash.com/ 23 KB
23 KB 159ms
158ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1499635842761-4f1f28fafcff?ixid=Mnw3MjU4M3wwfDF8c2VhcmNofDMwfHxQT1NUUkVTfGVufDB8fHx8MTYxOTk5ODEyOQ&ixlib=rb-1.2.1&w=1366&q=70&auto=format?auto=format&w=392&h=368&fit=crop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ff42157f36dc6ba3756b53635d3d55bcedaa41778aef3a40ee9ea8b0d5d35de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 02 May 2021 23:33:15 GMT
server: imgix
age: 166853
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: ec53a7acf4100d4cd527cb74d141b87c1a49af90
accept-ranges: bytes
content-length: 23326
x-served-by: cache-sjc10081-SJC, cache-hhn4033-HHN

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/3e7e4b43/ Frame D7F9 359 KB
53 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ead496a5e085c4be0143bbc1bacabbc7d6b70fe6bc553d5945b27ca1338e2a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 103986
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53994
x-xss-protection: 0
expires: Tue, 03 May 2022 17:01:02 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/3e7e4b43/www-embed-player.vflset/ Frame D7F9 189 KB
67 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fea95a3aa61f6ac606be37d8bf06665c93ae73abf4f59c6d6bb56d708d621d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 104003
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68426
x-xss-protection: 0
expires: Tue, 03 May 2022 17:00:45 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/ Frame D7F9 2 MB
520 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d318ca96cb5a70fdfda07ac11224c77f86c62d34c93357878eb031c2d23c4c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 103902
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 532794
x-xss-protection: 0
expires: Tue, 03 May 2022 17:02:26 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/3e7e4b43/fetch-polyfill.vflset/ Frame D7F9 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 104003
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Tue, 03 May 2022 17:00:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D7F9 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 488
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 04 May 2022 21:46:00 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D7F9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

49ms
47ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56ef83716f67b5a7a9c6697a434b751c9fe4da15d442c051ac65c0d72ecffa6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 May 2021 21:54:08 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D7F9 29 B
91 B 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:48:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 357
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 04 May 2021 22:03:11 GMT

GET
H2 200 mTYYqMv85jMWTITgunHIHq6cmzwrTfSamYj7ZYqIVRg.js Show response
www.google.com/js/th/ Frame D7F9 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mTYYqMv85jMWTITgunHIHq6cmzwrTfSamYj7ZYqIVRg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

993618a8cbfce633164c84e0ba71c81eae9c9b3c2b4df49a9988fb658a885518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 9310
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13313
x-xss-protection: 0
expires: Wed, 04 May 2022 19:18:58 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/ Frame D7F9 24 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8091991c5ae0cfe9987be30eb312923580c35385fff025da9027edbf0ae00e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 103902
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7715
x-xss-protection: 0
expires: Tue, 03 May 2022 17:02:26 GMT

GET
DATA 200
OK truncated
/ Frame D7F9 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnjroT9z5VQsx0DtbNjKvLd3IksUp8i0pR0wR-1x=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D7F9 3 KB
3 KB 350ms
350ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjroT9z5VQsx0DtbNjKvLd3IksUp8i0pR0wR-1x=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49c0eb08723b687a015a8cd8d817e14a4811d661fbed9f89a27fd73f5ce87fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2781
x-xss-protection: 0
expires: Wed, 05 May 2021 21:54:09 GMT

GET
DATA 200
OK truncated
/ Frame D7F9 303 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96a0f12d2c91e5101172639055736eb0d08dc9fe36ad4c5a6aaaedda048da6f5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame D7F9 61 KB
16 KB 84ms
83ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c504f535a746809f66380ef1a20fc734da6d108382c31c63d3bbd79a40766825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210502.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtxSTh3V2p6b09WayiAhceEBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 21:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16860
x-xss-protection: 0
expires: Tue, 04 May 2021 21:54:08 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame D7F9 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Wm3ndA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:08 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame D7F9 0
19 B 15ms
14ms Ping
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=dUm4HxcJVbEt7Rhb&ei=gMKRYMHwNJeC8gOl-KbQDQ&el=embedded&docid=AuWz3Cw2j6o&ns=yt&fexp=23748146%2C23940238%2C23969934%2C23983296%2C23995927%2C24001373%2C24006795%2C24007246%2C24012117%2C24014440%2C24015145%2C24022926%2C24033003&cl=371598912&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210502.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.189:N&error=0.085:onesie.unavailable.hotconfig:0.000:url.0&bat=0.085:1:1,0.189:1:1&vis=0.085:0&cmt=0.085:0.000,0.189:0.000&bh=0.085:0.000,0.189:0.000&afs=0.188:251::i&vfs=0.189:134:134::r&view=0.189:600:368&bwe=0.189:130000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 May 2021 21:54:08 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-5goeen7y.googlevideo.com/ Frame D7F9 1 KB
2 KB 111ms
38ms XHR
text/plain 2a00:1450:400f:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5goeen7y.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=134&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=vL&mm=31%2C26&mn=sn-5goeen7y%2Csn-4g5e6nez&ms=au%2Conr&mv=u&mvi=5&pl=51&vprv=1&mime=video%2Fmp4&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=1424632&otfp=1&dur=25.966&lmt=1619532813880591&mt=1620164628&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALgGiLAgvSifvdV2dudBVDUsYJPk35oRGs9iN8ZazIEDAiEA94dvgB8RlADo9H2ST0DPxxk4KZq4GusmJoHn2n7MHI8%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAMRMwoj32HuWyPTbExxP4tZqcew9eUbtKRWoZ3xmDmO0AiBI91PKELJL2bGhmV9X7AmjVcmOIgn8RnbhWVKsA1T7gQ%3D%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&range=0-832&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:12::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6937ee5e39987eb7c173895a71cc1ab712908e4d4b7c4ba3274a92fb18de048f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 21:54:09 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1064
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Tue, 04 May 2021 21:54:09 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-5goeen7y.googlevideo.com/ Frame D7F9 1003 B
2 KB 111ms
37ms XHR
text/plain 2a00:1450:400f:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5goeen7y.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=251&source=youtube&requiressl=yes&mh=vL&mm=31%2C26&mn=sn-5goeen7y%2Csn-4g5e6nez&ms=au%2Conr&mv=u&mvi=5&pl=51&vprv=1&mime=audio%2Fwebm&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=461904&otfp=1&dur=25.981&lmt=1619532809163201&mt=1620164628&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgbV8UWdyrPqkJ9nBq_hWW8zCtqdTaz_KsYOm47xZknAQCIDHO6tIA5btVL_6jWsKBdasU5pgH-eYTTmrzbMenplYd&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAMRMwoj32HuWyPTbExxP4tZqcew9eUbtKRWoZ3xmDmO0AiBI91PKELJL2bGhmV9X7AmjVcmOIgn8RnbhWVKsA1T7gQ%3D%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&range=0-309&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:12::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

258c7d5d24c6b1690e7136cb0126556543c58e007d1c2b9d771079dfd29b3032

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 21:54:09 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1003
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 04 May 2021 21:54:09 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/ Frame D7F9 97 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d3976ddd7222afe83974c49f1b83cb1c15cadafaf9a4f72236bd1c4c0d1f2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 103902
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32895
x-xss-protection: 0
expires: Tue, 03 May 2022 17:02:26 GMT

GET
H3-29 200 captions.js Show response
www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/ Frame D7F9 62 KB
24 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9add347dbd589c2a860ccb9c0cfd1c0200cf06dbc7217723406b13712533257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 103788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25005
x-xss-protection: 0
expires: Tue, 03 May 2022 17:04:20 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/ Frame D7F9 26 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddb4adab09d93a30a069c118bc6426af71dfd564b84cf00ffe400d182743e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 00:18:52 GMT
server: sffe
age: 103788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7452
x-xss-protection: 0
expires: Tue, 03 May 2022 17:04:20 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame D7F9 76 KB
6 KB 244ms
244ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

080bebffc3e6a70b9ac1f8bec9662d6eb6ccf3bfeaba07a23b567184b84697e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210502.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtxSTh3V2p6b09WayiAhceEBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6435
x-xss-protection: 0
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D7F9 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 04 May 2021 21:54:08 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 310 B
335 B 308ms
299ms XHR
audio/webm 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednly.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=461904&otfp=1&dur=25.981&lmt=1619532809163201&fvip=5&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgbV8UWdyrPqkJ9nBq_hWW8zCtqdTaz_KsYOm47xZknAQCIDHO6tIA5btVL_6jWsKBdasU5pgH-eYTTmrzbMenplYd&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&redirect_counter=1&cm2rm=sn-5gole76&cms_redirect=yes&mh=vL&mm=34&mn=sn-4g5ednly&ms=ltu&mt=1620164789&mv=u&mvi=5&pl=51&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMM9E3nVbrl3jjqmtAQmcjIK1xevEvDIy7SSsYXEmfefAiBRtubBWe4Weg-j2-gu8xHBJAdC_J4fJjK_fSAEvzxgjA%3D%3D&range=0-309&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4d0efa94f67eef46ff21e5ccc3efae55d12299c086117fe27e88a3c4085ebef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 310
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 833 B
859 B 164ms
156ms XHR
video/mp4 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednly.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=134&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=1424632&otfp=1&dur=25.966&lmt=1619532813880591&fvip=5&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALgGiLAgvSifvdV2dudBVDUsYJPk35oRGs9iN8ZazIEDAiEA94dvgB8RlADo9H2ST0DPxxk4KZq4GusmJoHn2n7MHI8%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&redirect_counter=1&cm2rm=sn-5gole76&cms_redirect=yes&mh=vL&mm=34&mn=sn-4g5ednly&ms=ltu&mt=1620164789&mv=u&mvi=5&pl=51&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMwNSe5tbiTCvIsJVn4ZvaBeCUeVb3nXiLqkBCrhxBypAiBSEd-So3E2_3xQ9NF7Zwm6bH-yketzFz7JivU-3iX5Aw%3D%3D&range=0-832&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2fe1260d7058abc6a4d7d690f5ea77371069ebc315fdc78e44f713595d21912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 833
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H2 200 media Show response
graph.instagram.com/me/ 6 KB
3 KB 543ms
529ms XHR
application/json 2a03:2880:f21c:81c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.instagram.com/me/media?fields=id,caption,media_url&access_token=IGQVJWdjg5Wk1wNGpOODduWWowdXp5cHZApUEZAOeElSNG1hM3ZAmM0x4NXFFOXRFWVI2LWZAUaFlRSGg2LU15TXlzc3JGS3VJSVI5NC1EQ3NMMmZApMEt4X1FMSjVNYkxMdmFNX2gwQmd3

Requested by

Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/v134/js/chunk-vendors.6ed82305.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d781c524c76fe0c00d92355d74a8cd639dba50ff927e40b301c69783fb64bdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: application/json, text/plain, */*
Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
etag: "45daea9daf8743abceccd93e48d89d9a21ede959"
x-app-usage: {"call_volume":0,"cpu_time":0}
x-fb-rev: 1003730712
content-length: 2588
pragma: no-cache
x-fb-debug: uAVKvWoCN2/+oDfJp+NaSkMIOWnPt0X+VhfhwOkXogPktZPcx12Xadi5Cku9wUsY3tqLWUqjYseI5Y0takclsg==
x-fb-trip-id: 1425083115
x-fb-trace-id: A1G6nGtishW
date: Tue, 04 May 2021 21:54:09 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AzE3-MSnz5E2ZGFN4C-TBiD
instagram-api-version: v5.0
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 AAUvwnjroT9z5VQsx0DtbNjKvLd3IksUp8i0pR0wR-1x=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D7F9 4 KB
4 KB 157ms
142ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjroT9z5VQsx0DtbNjKvLd3IksUp8i0pR0wR-1x=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a1281c971bf694c8c9106814945e41b1680a3088093da1b12aeb16377f68cda5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3594
x-xss-protection: 0
expires: Wed, 05 May 2021 21:54:09 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 287 KB
287 KB 39ms
39ms XHR
video/mp4 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednly.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=134&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=1424632&otfp=1&dur=25.966&lmt=1619532813880591&fvip=5&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALgGiLAgvSifvdV2dudBVDUsYJPk35oRGs9iN8ZazIEDAiEA94dvgB8RlADo9H2ST0DPxxk4KZq4GusmJoHn2n7MHI8%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&redirect_counter=1&cm2rm=sn-5gole76&cms_redirect=yes&mh=vL&mm=34&mn=sn-4g5ednly&ms=ltu&mt=1620164789&mv=u&mvi=5&pl=51&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMwNSe5tbiTCvIsJVn4ZvaBeCUeVb3nXiLqkBCrhxBypAiBSEd-So3E2_3xQ9NF7Zwm6bH-yketzFz7JivU-3iX5Aw%3D%3D&range=833-294311&rn=5&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

09549d5a220d1e0d448742cf81442ebf60e71627775561645f0d83baacf66f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 293479
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 282 KB
282 KB 46ms
46ms XHR
video/mp4 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednly.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=134&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=1424632&otfp=1&dur=25.966&lmt=1619532813880591&fvip=5&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALgGiLAgvSifvdV2dudBVDUsYJPk35oRGs9iN8ZazIEDAiEA94dvgB8RlADo9H2ST0DPxxk4KZq4GusmJoHn2n7MHI8%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&redirect_counter=1&cm2rm=sn-5gole76&cms_redirect=yes&mh=vL&mm=34&mn=sn-4g5ednly&ms=ltu&mt=1620164789&mv=u&mvi=5&pl=51&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMwNSe5tbiTCvIsJVn4ZvaBeCUeVb3nXiLqkBCrhxBypAiBSEd-So3E2_3xQ9NF7Zwm6bH-yketzFz7JivU-3iX5Aw%3D%3D&range=294312-583424&rn=6&rbuf=5333

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c3d0196fe75c25abf9d71f30609af8ed051089a197df558c820a7e1361869f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289113
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 171 KB
171 KB 137ms
136ms XHR
audio/webm 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e73d39e11ba7d30eb587ce81337dd27a7c98c964642fbe3560c90dd14e86e87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175498
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 174 KB
174 KB 136ms
136ms XHR
audio/webm 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

37350f6ab75decb94a7b62bae1f95d25eb1351a5f053bbcaf02c4beaf6b8f936

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178420
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H3-29 204 playback
www.youtube.com/api/stats/ Frame D7F9 0
17 B 14ms
13ms Image
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=dUm4HxcJVbEt7Rhb&docid=AuWz3Cw2j6o&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FAuWz3Cw2j6o%3Fplaylist%3DAuWz3Cw2j6o%26autoplay%3D1%26controls%3D1%26loop%3D0%26autopause%3D0%26playsinline%3D1%26mute%3D1&cmt=0.051&ei=gMKRYMHwNJeC8gOl-KbQDQ&fmt=134&fs=0&rt=0.864&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fpostresfaioficial.store%2F&lact=889&cl=371598912&mos=1&vm=CAEQABgEKiw5MTluOTZwdjRNY3laeU02bllXYXJQbFJwdDBCWEJaOXNsa1ZCMHZoa2VrPToyQU9HdF9PSXhmWHk5cEZSREhtVXhLNjVtWENCZ2wxR3ZISEstaFNIT2xjclJBLTh0M1E&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210502.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=25.981&fexp=23748146%2C23940238%2C23969934%2C23983296%2C23995927%2C24001373%2C24006795%2C24007246%2C24012117%2C24014440%2C24015145%2C24022926%2C24033003&rtn=2&list=TLGGuf2C4eXvZ8gwNDA1MjAyMQ&afmt=251&size=600%3A368&inview=1&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 21:54:09 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 ptracking
www.youtube.com/ Frame D7F9 0
19 B 14ms
14ms Image
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=AuWz3Cw2j6o&cpn=dUm4HxcJVbEt7Rhb&ei=gMKRYMHwNJeC8gOl-KbQDQ&ptk=youtube_none&pltype=contentugc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 21:54:09 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 355 KB
355 KB 42ms
41ms XHR
video/mp4 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednly.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=134&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=1424632&otfp=1&dur=25.966&lmt=1619532813880591&fvip=5&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALgGiLAgvSifvdV2dudBVDUsYJPk35oRGs9iN8ZazIEDAiEA94dvgB8RlADo9H2ST0DPxxk4KZq4GusmJoHn2n7MHI8%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&redirect_counter=1&cm2rm=sn-5gole76&cms_redirect=yes&mh=vL&mm=34&mn=sn-4g5ednly&ms=ltu&mt=1620164789&mv=u&mvi=5&pl=51&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMwNSe5tbiTCvIsJVn4ZvaBeCUeVb3nXiLqkBCrhxBypAiBSEd-So3E2_3xQ9NF7Zwm6bH-yketzFz7JivU-3iX5Aw%3D%3D&range=583425-947109&rn=9&rbuf=10624

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

03b81d740fa1b664835f1325c41c62931b102a268b80e6b7ade7c49a1d282546

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:09 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363685
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 04 May 2021 21:54:09 GMT

GET
H2 200 178109716_795451781392812_5500241325733709223_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/ 37 KB
37 KB 123ms
103ms Image
image/jpeg 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.29350-15/178109716_795451781392812_5500241325733709223_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=ByeC5bQlQ_8AX8Izxfo&_nc_ht=scontent-frx5-1.cdninstagram.com&oh=1d457d75f1978b480702244da849a481&oe=60B843D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1c4c9e363a16c42a1fbc92c574d6307a74c6dbcd9a1415748fa8c27efe76a90d

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3459453836
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 780166575
last-modified: Tue, 27 Apr 2021 23:23:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: 8f00IDURL0XXsOM_7AlC3bitlJs1tvwDpILR_sZ6I1N-z988S31WovJVLiCjSuqD_f3bvqpvLhUjOgj4J4dBVw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 489573964
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 37862

GET
H2 200 178636045_164210258942949_6268951157058072833_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/ 67 KB
67 KB 215ms
193ms Image
image/jpeg 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.29350-15/178636045_164210258942949_6268951157058072833_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=uOR90PQgzFcAX-zvHD6&_nc_ht=scontent-frt3-1.cdninstagram.com&oh=600943998af99a11d2fd0efa4198424b&oe=60B6F5E3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b0a3f556cd3e68018abeff7a3cbc029505ebb7efe37f54b8d967d0b9377ee8d7

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 842788876
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 2050670934
last-modified: Tue, 27 Apr 2021 23:19:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: 576v7RRi55fHxtT158o3cDG-0h_EHjVAYeDbH1V3wRhi4gazOMwQF09lVRqmelQ5xPQg9AYA-Ixy0s4IaZLgeQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4250453923
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68833

GET
H2 200 179011887_365237131534222_2043355444479295177_n.jpg
scontent-frt3-2.cdninstagram.com/v/t51.29350-15/ 56 KB
56 KB 148ms
127ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.cdninstagram.com/v/t51.29350-15/179011887_365237131534222_2043355444479295177_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=92J1lfXwNUkAX_7Np4I&_nc_oc=AQlBj5tL3iUhiulwbZlcpbtEZVFEgnjL2tX3FEg2rFegzxXLNp2bv0sJ3mY4OC7WXA41fuRXfKpYf8GtIpS-diBG&_nc_ht=scontent-frt3-2.cdninstagram.com&oh=bb8050e9644c3e34f935ec497bf00952&oe=60B78934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 296e5850cd3c8bed1a043182caab3b6699dba6d4f68015a78ac0342f4b897a8a

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2260979945
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 1425083115
last-modified: Tue, 27 Apr 2021 22:15:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: 9RjC_bEQ6UmLPbFTX2v-7Ja4ejaseLsmvqvwcnRFuhQwSaYR72AkkeK0MoAZKfgh-bqF7uGRQO31pVIIT_eJhw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1704581561
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 56941

GET
H2 200 161335260_233540845161538_7607169456651612320_n.jpg
scontent-frt3-2.cdninstagram.com/v/t51.29350-15/ 45 KB
46 KB 91ms
70ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.cdninstagram.com/v/t51.29350-15/161335260_233540845161538_7607169456651612320_n.jpg?_nc_cat=103&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=Q6Jj-KCQBssAX-N1NwR&_nc_ht=scontent-frt3-2.cdninstagram.com&oh=f0a61bb5c85c58e743a43cc4cf2c9ed3&oe=60B5D62D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f78fc8edd47cc6869cc0a1e15aad92f5ef258bd406310d82065e5278fea2d175

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 641772692
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 1425083115
last-modified: Tue, 16 Mar 2021 00:33:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: NJ6FRPOmjvz9RVWWi0gH35gVhZrwTSJQ2vIPtif0gLaV7LSSodJvTeBLlnilchAXWei9E5sVDJPV9DLm1y23dQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1073548586
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 46568

GET
H2 200 160600523_734126777106533_6233512229743436426_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/ 45 KB
46 KB 92ms
71ms Image
image/jpeg 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.29350-15/160600523_734126777106533_6233512229743436426_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=2RYiRYuhHbcAX8CL02l&_nc_ht=scontent-frt3-1.cdninstagram.com&oh=71d0245e44e02296293b8010d1ae8d17&oe=60B69B85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 18ff67dc210b35cc0ee6adb92fd350f8ddd8005a6782ce3dc2e747cd13c3d0df

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2946984028
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 2050670934
last-modified: Sun, 14 Mar 2021 21:24:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: je2_-tWPrCZT8BRsv2u3YPsGTKJoAc1CE1TVw8a6D9JP4Yr2LVLkJLLbDofqI_b_M3kTXIK7YiCMuDzqmHPlCw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 232656882
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 46590

GET
H2 200 159993021_362907134806241_2818838922772568609_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/ 71 KB
71 KB 169ms
149ms Image
image/jpeg 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.29350-15/159993021_362907134806241_2818838922772568609_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=NKYqKv63HM8AX9H9RZk&_nc_ht=scontent-frx5-1.cdninstagram.com&oh=45779cc2b59728a0c06ee0c47f98d163&oe=60B92EEE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 17083cf8e73dd7c2235d92167d87d578fd92fa6987abc77c37fbde38aebeed5c

Request headers

Referer: https://postresfaioficial.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 360657980
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 780166575
last-modified: Sun, 14 Mar 2021 21:20:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: goi-ZrGPQLK6RxYQRWHOnbRRBaYC9NkVZxYJHUx2FOhqEXLD9FWjgZXmyuxDQhKjR40ZS28HRkGroTRFOD7yqg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1671495836
x-fb-config-version-olb-prod: 1091
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 72496

GET
H2 206 176028638_4139940412712506_675178571731522319_n.mp4
video-frt3-2.cdninstagram.com/v/t50.2886-16/ 183 KB
0 138ms
118ms Media
video/mp4 2a03:2880:f21c:81c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-2.cdninstagram.com/v/t50.2886-16/176028638_4139940412712506_675178571731522319_n.mp4?_nc_cat=110&vs=17989365382350394_374220009&_nc_vs=HBksFQAYJEdONzdmUW82NXJEOVFMVU9BQTlUQTNCVnQxNEpia1lMQUFBRhUAAsgBABUAGCRHRUNGWFFvVTM4ZjYwWVFLQU1pSjB0TzNzd05fYmtZTEFBQUYVAgLIAQAoABgAGwGIB3VzZV9vaWwBMRUAACb0%2BrjB7M70PxUCKAJDMywXQDndsi0OVgQYEmRhc2hfYmFzZWxpbmVfMV92MREAdeoHAA%3D%3D&ccb=1-3&_nc_sid=59939d&efg=eyJ2ZW5jb2RlX3RhZyI6InZ0c192b2RfdXJsZ2VuLjcyMC5mZWVkIn0%3D&_nc_ohc=re7sPFkkhDcAX98uCDc&_nc_ht=video-frt3-2.cdninstagram.com&oh=db427f8e60ac400ad4f8ec0f238c3270&oe=60B79BFF&_nc_rid=65a53a5443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://postresfaioficial.store/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 1425083115
accept-ranges: bytes
content-type: video/mp4
access-control-allow-origin: *
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: Sc03gYXGXb3uMl1d8_0MtWf7nwTOsTy14QtWIw5PCTkiaRIie4LEvHN9SMz82AnmRFl2pyA9fDv8w4dM6cxTHg
Content-Range: bytes 0-1219853/1219854
x-fb-config-version-olb-prod: 1091
x-fb-vts-requestid: 56352d2aeb
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 1219854

GET
H2 206 176935090_1760331217480985_4531711404042249067_n.mp4
video-frt3-1.cdninstagram.com/v/t50.2886-16/ 145 KB
0 303ms
283ms Media
video/mp4 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.cdninstagram.com/v/t50.2886-16/176935090_1760331217480985_4531711404042249067_n.mp4?_nc_cat=109&vs=17857546094507875_1401299972&_nc_vs=HBksFQAYJEdMTFFpd29acmVjTUEwRUdBR3RqaGc2RDNfTV9ia1lMQUFBRhUAAsgBABUAGCRHRFEzZ2dwd1BPR0R2cU1CQUJ0M2RUTWRFTzgzYmtZTEFBQUYVAgLIAQAoABgAGwGIB3VzZV9vaWwBMRUAACbGhO7V7NW4PxUCKAJDMywXQEQu2RaHKwIYEmRhc2hfYmFzZWxpbmVfMV92MREAdeoHAA%3D%3D&ccb=1-3&_nc_sid=59939d&efg=eyJ2ZW5jb2RlX3RhZyI6InZ0c192b2RfdXJsZ2VuLjcyMC5mZWVkIn0%3D&_nc_ohc=9fsahXnqvucAX_HWB_U&_nc_ht=video-frt3-1.cdninstagram.com&oh=dfb67182526dd1649f478b8cca8242c8&oe=60B6549B&_nc_rid=f4846ad53d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://postresfaioficial.store/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 21:54:09 GMT
x-fb-trip-id: 2050670934
accept-ranges: bytes
content-type: video/mp4
access-control-allow-origin: *
x-fb-config-version-elb-prod: 1091
x-fb-edge-debug: jKZFZohvRLlY3gK06KKA9Ww9myRktJFHG_l-vXy3Zm9WzvTwSKK6gTqrUzEc3ubUbct8oyvIzMEtchcKWIF6BQ
Content-Range: bytes 0-785921/785922
x-fb-config-version-olb-prod: 1091
x-fb-vts-requestid: f4846ad53d
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 785922

GET
H3-29 204 watchtime
www.youtube.com/api/stats/ Frame D7F9 0
17 B 14ms
14ms Image
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=dUm4HxcJVbEt7Rhb&docid=AuWz3Cw2j6o&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FAuWz3Cw2j6o%3Fplaylist%3DAuWz3Cw2j6o%26autoplay%3D1%26controls%3D1%26loop%3D0%26autopause%3D0%26playsinline%3D1%26mute%3D1&cmt=1.189&ei=gMKRYMHwNJeC8gOl-KbQDQ&fmt=134&fs=0&rt=2.001&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fpostresfaioficial.store%2F&lact=2026&cl=371598912&state=playing&vm=CAEQABgEKiw5MTluOTZwdjRNY3laeU02bllXYXJQbFJwdDBCWEJaOXNsa1ZCMHZoa2VrPToyQU9HdF9PSXhmWHk5cEZSREhtVXhLNjVtWENCZ2wxR3ZISEstaFNIT2xjclJBLTh0M1E&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210502.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=25.981&rtn=12&list=TLGGuf2C4eXvZ8gwNDA1MjAyMQ&afmt=251&idpj=-9&ldpj=-26&rti=2&size=600%3A368&inview=1&st=0&et=1.189&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 21:54:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 209 KB
210 KB 100ms
88ms XHR
video/mp4 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednly.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=134&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=1424632&otfp=1&dur=25.966&lmt=1619532813880591&fvip=5&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALgGiLAgvSifvdV2dudBVDUsYJPk35oRGs9iN8ZazIEDAiEA94dvgB8RlADo9H2ST0DPxxk4KZq4GusmJoHn2n7MHI8%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&redirect_counter=1&cm2rm=sn-5gole76&cms_redirect=yes&mh=vL&mm=34&mn=sn-4g5ednly&ms=ltu&mt=1620164789&mv=u&mvi=5&pl=51&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMwNSe5tbiTCvIsJVn4ZvaBeCUeVb3nXiLqkBCrhxBypAiBSEd-So3E2_3xQ9NF7Zwm6bH-yketzFz7JivU-3iX5Aw%3D%3D&range=947110-1160964&rn=10&rbuf=12800

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

808646d957115f3b14d1d045417bd067f345a263960827bc0ff379b0c8495317

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 21:54:12 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 213855
Last-Modified: Tue, 27 Apr 2021 14:13:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21296
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Tue, 04 May 2021 21:54:12 GMT

GET
H2 204 delayplay
www.youtube.com/api/stats/ Frame D7F9 0
131 B 16ms
16ms Image
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/delayplay?ns=yt&el=embedded&cpn=dUm4HxcJVbEt7Rhb&docid=AuWz3Cw2j6o&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FAuWz3Cw2j6o%3Fplaylist%3DAuWz3Cw2j6o%26autoplay%3D1%26controls%3D1%26loop%3D0%26autopause%3D0%26playsinline%3D1%26mute%3D1&cmt=4.2&ei=gMKRYMHwNJeC8gOl-KbQDQ&fmt=134&fs=0&rt=5.012&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fpostresfaioficial.store%2F&lact=5038&cl=371598912&mos=1&vm=CAEQABgEKiw5MTluOTZwdjRNY3laeU02bllXYXJQbFJwdDBCWEJaOXNsa1ZCMHZoa2VrPToyQU9HdF9PSXhmWHk5cEZSREhtVXhLNjVtWENCZ2wxR3ZISEstaFNIT2xjclJBLTh0M1E&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210502.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=25.981&fexp=23748146%2C23940238%2C23969934%2C23983296%2C23995927%2C24001373%2C24006795%2C24007246%2C24012117%2C24014440%2C24015145%2C24022926%2C24033003&list=TLGGuf2C4eXvZ8gwNDA1MjAyMQ&afmt=251&size=600%3A368&inview=1&muted=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 21:54:13 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 atr Show response
www.youtube.com/api/stats/ Frame D7F9 0
19 B 19ms
18ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=dUm4HxcJVbEt7Rhb&docid=AuWz3Cw2j6o&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FAuWz3Cw2j6o%3Fplaylist%3DAuWz3Cw2j6o%26autoplay%3D1%26controls%3D1%26loop%3D0%26autopause%3D0%26playsinline%3D1%26mute%3D1&cmt=4.564&ei=gMKRYMHwNJeC8gOl-KbQDQ&fmt=134&fs=0&rt=5.376&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fpostresfaioficial.store%2F&lact=5402&cl=371598912&mos=1&vm=CAEQABgEKiw5MTluOTZwdjRNY3laeU02bllXYXJQbFJwdDBCWEJaOXNsa1ZCMHZoa2VrPToyQU9HdF9PSXhmWHk5cEZSREhtVXhLNjVtWENCZ2wxR3ZISEstaFNIT2xjclJBLTh0M1E&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210502.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=25.981&fexp=23748146%2C23940238%2C23969934%2C23983296%2C23995927%2C24001373%2C24006795%2C24007246%2C24012117%2C24014440%2C24015145%2C24022926%2C24033003&list=TLGGuf2C4eXvZ8gwNDA1MjAyMQ&afmt=251&muted=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20210502.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1620165248707&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C368&vis=1&wgl=true&ca_type=image&bid=ANyPxKpo62Yr7XPk4G-hz9_Gz1_NLk8sx9vzN8-_ZUirAy9yAND6_aa9_P2Tm7zt_yXRuJlC6cTTfHDjrlUG4UBb4V5f3vnyiA

Response headers

pragma: no-cache
date: Tue, 04 May 2021 21:54:14 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 105 KB
105 KB 146ms
145ms XHR
audio/webm 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

79d50a1e9e6dda4b2e6e113dbb5bd10cbbd1f802804f4ef89d6eed2415e08970

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107676
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21293
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 04 May 2021 21:54:15 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5ednly.googlevideo.com/ Frame D7F9 257 KB
258 KB 40ms
40ms XHR
video/mp4 2a00:1450:4001:67::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednly.googlevideo.com/videoplayback?expire=1620186848&ei=gMKRYMHwNJeC8gOl-KbQDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-APnFIgplgdT-d767plSM_dkeUp4CT4gS-zDf6Dav_iPT&itag=134&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HTAbniymYok5H-nXxff7PqoF&gir=yes&clen=1424632&otfp=1&dur=25.966&lmt=1619532813880591&fvip=5&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=EwyscJBPvIMV7g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALgGiLAgvSifvdV2dudBVDUsYJPk35oRGs9iN8ZazIEDAiEA94dvgB8RlADo9H2ST0DPxxk4KZq4GusmJoHn2n7MHI8%3D&alr=yes&cpn=dUm4HxcJVbEt7Rhb&cver=1.20210502.0.0&redirect_counter=1&cm2rm=sn-5gole76&cms_redirect=yes&mh=vL&mm=34&mn=sn-4g5ednly&ms=ltu&mt=1620164789&mv=u&mvi=5&pl=51&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMwNSe5tbiTCvIsJVn4ZvaBeCUeVb3nXiLqkBCrhxBypAiBSEd-So3E2_3xQ9NF7Zwm6bH-yketzFz7JivU-3iX5Aw%3D%3D&range=1160965-1424631&rn=12&rbuf=15633

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f3bd232356b35cc68be983f92f871c43547ec2ad1b377291a9f117e046495e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:54:15 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 263667
client-protocol: quic
last-modified: Tue, 27 Apr 2021 14:13:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21293
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 04 May 2021 21:54:15 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame D7F9 0
101 B 14ms
14ms Ping
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=dUm4HxcJVbEt7Rhb&ei=gMKRYMHwNJeC8gOl-KbQDQ&el=embedded&docid=AuWz3Cw2j6o&ns=yt&fexp=23748146%2C23940238%2C23969934%2C23983296%2C23995927%2C24001373%2C24006795%2C24007246%2C24012117%2C24014440%2C24015145%2C24022926%2C24033003&cl=371598912&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210502.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=otfp&cmt=0.773:0.001,0.854:0.043,1.605:0.793,10.005:9.193&vps=0.773:B,0.854:PL,10.005:PL&user_intent=0.195&bwm=10.005:1888603:1.465&bwe=10.005:1883467&bat=10.005:1:1&bh=10.005:25.967&df=10.005:1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 May 2021 21:54:18 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D7F9 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3e7e4b43/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/AuWz3Cw2j6o?playlist=AuWz3Cw2j6o&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20210502.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtxSTh3V2p6b09WayiAhceEBg%3D%3D
X-YouTube-Ad-Signals: dt=1620165248657&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C368&vis=1&wgl=true&ca_type=image&bid=ANyPxKpo62Yr7XPk4G-hz9_Gz1_NLk8sx9vzN8-_ZUirAy9yAND6_aa9_P2Tm7zt_yXRuJlC6cTTfHDjrlUG4UBb4V5f3vnyiA

Response headers

date: Tue, 04 May 2021 21:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 04 May 2021 21:54:19 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors zyro.com editor.zyro.com www-staging.zyro.space builder-staging.zyro.space
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.zyrosite.com
backend.zyro.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.instagram.com
i.ytimg.com
images.unsplash.com
postresfaioficial.store
r5---sn-4g5ednly.googlevideo.com
r5---sn-5goeen7y.googlevideo.com
scontent-atl3-1.cdninstagram.com
scontent-frt3-1.cdninstagram.com
scontent-frt3-2.cdninstagram.com
scontent-frx5-1.cdninstagram.com
static.doubleclick.net
userapp.zyrosite.com
video-atl3-1.cdninstagram.com
video-frt3-1.cdninstagram.com
video-frt3-2.cdninstagram.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2606:4700:10::ac43:b4f
2606:4700::6812:3a9
2a00:1450:4001:67::a
2a00:1450:4001:801::200e
2a00:1450:4001:808::2004
2a00:1450:4001:809::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2016
2a00:1450:4001:813::200a
2a00:1450:4001:827::2006
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400f:12::a
2a02:4780:1:8::3a
2a03:2880:f211:c4:face:b00c:0:43fe
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f22d:c4:face:b00c:0:43fe
2a04:4e42:1b::720
03b81d740fa1b664835f1325c41c62931b102a268b80e6b7ade7c49a1d282546
080bebffc3e6a70b9ac1f8bec9662d6eb6ccf3bfeaba07a23b567184b84697e3
09549d5a220d1e0d448742cf81442ebf60e71627775561645f0d83baacf66f1f
0ddb4adab09d93a30a069c118bc6426af71dfd564b84cf00ffe400d182743e15
131a852073fb606d58131e75e533f08b04a33d7dfd60f8573e21c335c00007e6
17083cf8e73dd7c2235d92167d87d578fd92fa6987abc77c37fbde38aebeed5c
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
18ff67dc210b35cc0ee6adb92fd350f8ddd8005a6782ce3dc2e747cd13c3d0df
1c4c9e363a16c42a1fbc92c574d6307a74c6dbcd9a1415748fa8c27efe76a90d
1fea95a3aa61f6ac606be37d8bf06665c93ae73abf4f59c6d6bb56d708d621d9
255d06c716c97039b129f2494758c249882718676cca0756525271357e4e36f0
258c7d5d24c6b1690e7136cb0126556543c58e007d1c2b9d771079dfd29b3032
289fd95e4480001061f4f0784e0d3a365b7629b33a58264900ee7dcd0afabefb
296e5850cd3c8bed1a043182caab3b6699dba6d4f68015a78ac0342f4b897a8a
2fe1260d7058abc6a4d7d690f5ea77371069ebc315fdc78e44f713595d21912d
34c18479507501fb2e5560c3466722d0f1f82097eccd08b765283ac68bb55936
37350f6ab75decb94a7b62bae1f95d25eb1351a5f053bbcaf02c4beaf6b8f936
3972c109a691e2e976f3600d0387431a9ee50434ab98e990024fe474163e3c89
3b7d5840ea4926cc7d41d27e195021fd1938be4b33ea8837902abb571676b1ee
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
425fb1326ed7b0efd5c9e3d08757496b5e630a99c230a0d0b19c2dbb1cbbbcff
49c0eb08723b687a015a8cd8d817e14a4811d661fbed9f89a27fd73f5ce87fe2
4a738843f5f5ac5f0311a7553f44c901d5ed63e87baf2b689ec480366758fecb
4d0efa94f67eef46ff21e5ccc3efae55d12299c086117fe27e88a3c4085ebef6
56ef83716f67b5a7a9c6697a434b751c9fe4da15d442c051ac65c0d72ecffa6b
58b90e67d59a9b8819f599eb5c03c92a1fe8148ee228267c60b262f2498ae367
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d3976ddd7222afe83974c49f1b83cb1c15cadafaf9a4f72236bd1c4c0d1f2f8
5e1d86973a2868392fe31688df0674757eecd7db9ea1b18e3242eb3cad985b05
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6937ee5e39987eb7c173895a71cc1ab712908e4d4b7c4ba3274a92fb18de048f
771f7c9639df64941adf1051a1b892a25ae38963d141bcb354a2d2407e689df0
79d50a1e9e6dda4b2e6e113dbb5bd10cbbd1f802804f4ef89d6eed2415e08970
808646d957115f3b14d1d045417bd067f345a263960827bc0ff379b0c8495317
8091991c5ae0cfe9987be30eb312923580c35385fff025da9027edbf0ae00e17
96a0f12d2c91e5101172639055736eb0d08dc9fe36ad4c5a6aaaedda048da6f5
993618a8cbfce633164c84e0ba71c81eae9c9b3c2b4df49a9988fb658a885518
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a1281c971bf694c8c9106814945e41b1680a3088093da1b12aeb16377f68cda5
a9add347dbd589c2a860ccb9c0cfd1c0200cf06dbc7217723406b13712533257
b0a3f556cd3e68018abeff7a3cbc029505ebb7efe37f54b8d967d0b9377ee8d7
c3d0196fe75c25abf9d71f30609af8ed051089a197df558c820a7e1361869f9d
c504f535a746809f66380ef1a20fc734da6d108382c31c63d3bbd79a40766825
d318ca96cb5a70fdfda07ac11224c77f86c62d34c93357878eb031c2d23c4c41
d781c524c76fe0c00d92355d74a8cd639dba50ff927e40b301c69783fb64bdd8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc41fe9a424bdb4f001e588c5993b7d760b104333c9fa2adfe3f5e641f3d20fd
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73d39e11ba7d30eb587ce81337dd27a7c98c964642fbe3560c90dd14e86e87f
ead496a5e085c4be0143bbc1bacabbc7d6b70fe6bc553d5945b27ca1338e2a08
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3bd232356b35cc68be983f92f871c43547ec2ad1b377291a9f117e046495e6c
f78fc8edd47cc6869cc0a1e15aad92f5ef258bd406310d82065e5278fea2d175
f87fb809abaae4bc0faaabc72aba2147150afcdd31f86eee8dc2b3a05fb77e2b
ff42157f36dc6ba3756b53635d3d55bcedaa41778aef3a40ee9ea8b0d5d35de8

postresfaioficial.store Open in urlscan Pro 2a02:4780:1:8::3a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

100 %IPv6

14 Domains

24 Subdomains

22 IPs

3 Countries

8378 kBTransfer

11226 kBSize

0 Cookies

0 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

postresfaioficial.store Open in urlscan Pro
2a02:4780:1:8::3a Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

100 %
IPv6

14
Domains

24
Subdomains

22
IPs

3
Countries

8378 kB
Transfer

11226 kB
Size

0
Cookies

69 HTTP transactions
11 data transactions